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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1,114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
04/20/2006 has been entered. 

Response to Amendment 

2. The affidavit filed on 04/20/2006 under 37 CFR 1 . 1 3 1 has been fially considered, 
and is sufficient to overcome the Bugnion, and/or Derks and/or Bowman- Amuah and/or 
Devine references. 

Response to Arguments 

3. Applicant's arguments with respect to claims 1-64 and applied reference Bugnion, 
and/or Derks and/or Bowman- Amuah and/or Devine have been fully considered but are 
moot in view of the new ground(s) of rejection. 

4. Regarding arguments filed on 04/20/2006 in response to Advisory Action the 
office sent on 02/08/2006, wherein each virtual web servers ofWesinger not running 
independent/separate operating systems, is not claimed on claims 1, 20, and 54. 
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Claim Rejections - 35 USC § 101 

5. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

6. Claims 37 and all dependent claims on 37 are rejected under 35 U.S.C. 101 

because the claimed invention is directed to non-statutory subject matter. It is not 
practical application and/or no tangible result. 



Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent granted 
on an application for patent by another filed in the United States before the invention by the applicant 
for patent, except that an international application filed under the treaty defined in section 351(a) shall 
have the effects for purposes of this subsection of an application filed in the United States only if the 
international application designated the United States and was published under Article 21(2) of such 
treaty in the English language, 

8. Claims 1-36, and 54-61 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Wesinger, JR. et al. herein after (Wesinger) Pub. No. US 2001/001 1304 Al . 



Regarding claims 1 , 20, and 54, Wesinger discloses an apparatus/method of providing for 
a plurality of customers (0012 lines 7-8, and 0050; web users ... remote hosts) one or 
more computer services selected from: file, data and archiving services; applications 
hosting services; database hosting services; data warehouse services; know^ledge 
management hosting services; digital media production services; "intellectual property" 
and streaming media services; simple web hosting services; complex e-Commerce web 
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hosting services; high performance computation services; electronic messaging and 
conferencing services; and, learning neuro-computer services (0035; web hosting 
services); the method comprising the steps of: 

setting up on a real computer (fig. 1 ; web server physical machine) at the request 
of each of said customers (0024 and 0026; user connection request to connect and 
access...) at least one virtual machine (fig. 1 virtual host 1,2, ... N) for each of said 
customers, said at least one virtual machine for each of said customers having a 
specification determined in accordance with the computer service or services requested 
by said customer and being configurable by said customer (0035 and 0045-0053; 
configuring multiple virtual hosts and/or client computers based on users 
preferences/budgets), said at least one virtual machine having an operating system 
running thereon (operating system of the web server). 

Regarding claims 2 and 21, Wesinger further teaches an apparatus/method, wherein 
plural virtual machines are set up within the real computer for at least one of said 
customers (fig. 1 ; web server physical machine and VHl ... VHN). 

Regarding claims 3 and 22, Wesinger further teaches an apparatus/method, wherein the 
or each virtual machine for at least one of said customers is connected to a virtual 
network set up for said at least one customer within the real computer (0021-0027). 

Regarding claims 4 and 23, Wesinger ftirther teaches an apparatus/method, comprising a 
virtual intrusion detection device for detecting an attack on the virtual network (The 
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examiner takes an official notice on virtual intrusion detection as a well-known at the 
time of the invention was made because it would enable secure virtual network (see, 
Cisco News Release by San Jose pages 4-5). 

Regarding claims 5 and 24, Wesinger further teaches an apparatus/method, wherein at 
least one virtual machine is connected to a virtual firewall that is connectable to an 
external network to which customers and/or other users can connect such that access to 
said at least one virtual machine by a customer or other user via a said external network 
can only take place through a virtual firewall (0025). 

Regarding claims 6 and 25, Wesinger further teaches an apparatus/method, wherein the 
or each virtual machine for a particular customer is connected to a virtual firewall that is 
dedicated to that customer's virtual machine or machines, each virtual firewall being 
connectable to an external network to which each of said customers and/or other users 
can connect such that access to a virtual machine by a customer or other user via a said 
external network can only take place through a virtual firewall provided for that virtual 
machine or machines (0039). 

Regarding claims 7 and 26, Wesinger further teaches an apparatus/method, wherein each 
virtual firewall is set up within the real computer, the or each virtual machine for each 
customer being connected to a first port of the virtual firewall that is dedicated to that 
customer's virtual machine or machines, each virtual firewall having a second port 
connected to a virtual network that is set up within the real computer and that is 
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Regarding claims 8 and 27, Wesinger further teaches an apparatus/method, wherein the 
second port of each virtual firewall is connected to the same virtual network that is set up 
within the real computer and that is connectable to an external network (0025). 

Regarding claim 9, Wesinger further teaches an apparatus/method, wherein the or at least 
one of the virtual firewalls is implemented by a virtual machine on the real computer, 
said virtual firewall virtual machine running firewall software (0039). 

Regarding claims 10 and 28, Wesinger fiirther teaches an apparatus/method, comprising a 
plurality of real data storage devices and at least one virtual storage subsystem that is 
configured to allow said real data storage devices to emulate one or more virtual storage 
devices (0026). 

Regarding claims 1 1 and 29, Wesinger fiirther teaches an apparatus/method, wherein the 
at least one virtual storage subsystem is configured to emulate at least one respective 
virtual storage device for each customer (0026). 

Regarding claims 12 and 30, Wesinger fixrther teaches an apparatus/method, comprising a 
detection device for detecting evidence of malicious software or hosfile attack signatures 
on the at least one virtual storage subsystem (0025). 
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Regarding claims 13 and 31, Wesinger further teaches an apparatus/method, wherein the 
apparatus is configurable to provide at least one of the services selected from: file, data 
and archiving services; applications hosting services; database hosting services; data 
warehouse services; knowledge management hosting services; digital media production 
services; "intellectual property" and streaming media services; simple web hosting 
services; complex e-Commerce web hosting services; high performance computation 
services; electronic messaging and conferencing services; and, learning neuro-computer 
services (0035). 

Regarding claims 14 and 32, Wesinger further teaches an apparatus/method, comprising 
virtual private network software to provide an encrypted communication channel for 
communication between at least some of said virtual machines (0053). 

Regarding claims 15 and 33, Wesinger further teaches an apparatus/method, comprising 
virtual private network software to provide an encrypted communication channel for 
communication between at least one virtual machine and an external computer (0021- 
0024). 

Regarding claims 16 and 34, Wesinger further teaches an apparatus/method, comprising 
virtual private network software to provide an encrypted communication channel for 
communication between a first virtual network and a second virtual network (0053). 

Regarding claims 17 and 35, Wesinger further teaches an apparatus/method, comprising 
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virtual private network software to provide an encrypted communication channel for 
communication between a virtual network and an external computer (0021-0026). 

Regarding claim 18, Wesinger ftirther teaches an apparatus/method, wherein the real 
computer comprises plural physical computers (fig. 1). 

Regarding claim 19, Wesinger fiirther teaches in combination, a first apparatus according 
to claim 1 and a second apparatus that is substantially identical to said first apparatus, the 
first and second apparatus being connected by a communications charmel so that the 
second apparatus can provide for redundancy of the first apparatus thereby to provide for 
disaster recovery if the first apparatus fails (The Examiner takes an official notice 
wherein second apparatus for providing disaster recovery if the first apparatus/real 
computer fails. It is well known in the art at the time of the invention to have a backup 
server to recover a disaster when failure of a host server because it would provide an 
efficient service with out failing to provide user requests during power outage/system 
failure (see, Seagate software press releases 1997 pages 1-2). 

Regarding claims 36 and 55, Wesinger further teaches the method, comprising the step of 
moving said at least one virtual machine from a first real computer to a second real 
computer (The Examiner takes an official notice again because to backup data during 
system failure the step of moving is necessary because it would recover data (see, 
Seagate software press releases 1997 pages 1-2)). 
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Regarding claims 56 and 59, Wesinger further teaches the apparatus/method wherein at 
least one of said virtual machines provides at least a virtual central processor unit (0021- 
0023). 

Regarding claims 57 and 60, Wesinger further teaches the apparatus/method, wherein at 
least one of said virtual machines is created using a virtual machine abstraction program 
(0012). 

Regarding claims 58 and 61, Wesinger further teaches the apparatus/method, wherein at 
least one of said virtual machines is created using machine simulation/emulation software 
(0023-0028). 

Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 37-53 and 62-64 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wesinger, JR. et al. herein after (Wesinger) Pub. No. US 
2001/0011304 Al in view of Alaiwan USPN 5,357,612. 
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Regarding claim 37, Wesinger discloses a method of operating a real computer (fig. 1; 
web server physical machine) on behalf of plural customers (0012 lines 7-8, and 0050; 
web users ... remote hosts), the method comprising the step of: 

operating plural virtual machines (fig. 1 virtual host 1, 2, N)on the real 
computer (fig. 1 ; web server physical machine), each of said plural virtual machines 
having a specification specified by and configurable by a respective one of the customers 
in accordance v^ith a computer service to be provided by the virtual machine on behalf of 
that customer (0035 and 0045-0053; configuring multiple virtual hosts and/or client 
computers based on users preferences/budgets), said at least one virtual machine having 
an operating system rurming thereon {operating system of the web server), 

Wesinger is silent to each of said virtual machines having an operating system 
running thereon. 

However Alaiwan discloses plurality of operating systems/processors (fig. 1 
elements 5, 9) each run their ovm operating system independently inside one real 
computer (see col. 3 lines 34-37). 

Therefore it v^ould have been obvious to one having ordinary skill in the art at the 
time of the invention was made to modify the teachings of Alaiwan within the system of 
Wesinger to operate the plurality of virtual machines of the real computer independently. 
One would have been motivated to do so because operating multiple operating systems in 
a single real computer would minimize maintenance cost. 

Regarding claim 38, Wesinger further teaches a method, comprising the step of operating 
plural virtual machines within the real computer for at least one of said customers (fig. 1 ; 
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Regarding claim 39, Wesinger further teaches a method, comprising the step of operating 
a virtual network for at least one of said customers within the real computer, the or each 
virtual machine for said at least one customer being cormected to said virtual network 
(0021-0027). 

Regarding claim 40, Wesinger further teaches a method, comprising the step of using a 
virtual intrusion detection device for detecting an attack on the virtual network (The 
examiner takes an official notice on virtual intrusion detection as a well-known at the 
time of the invention was made because it would enable secure virtual network (see, 
Cisco News Release by San Jose pages 4-5). 

Regarding claim 41, Wesinger further teaches a method, wherein at least one virtual 
machine is connected to a virtual firewall, the or each virtual firewall being connected to 
an external network to which customers and/or other users can connect such that access 
to a virtual machine by a customer or other user via a said external network can only take 
place through a virtual firewall (0025). 

Regarding claim 42, Wesinger further teaches a method, wherein the or each virtual 
machine for a particular customer is connected to a virtual firewall that is dedicated to 
that customer's virtual machine or machines, each virtual firewall being cormected to an 
external network to which each of said customers and/or other users can connect such 
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that access to a virtual machine by a customer or other user via a said external network 
can only take place through a virtual firewall provided for that virtual machine or 
machines (0039). 

Regarding claim 43, Wesinger further teaches a method, wherein each virtual firewall is 
set up within the real computer, the or each virtual machine for each customer being 
connected to a first port of the virtual firewall that is dedicated to that customer's virtual 
machine or machines, each virtual firewall having a second port connected to a virtual 
network that is set up within the real computer and that is connected to an external 
network (0039). 

Regarding claim 44, Wesinger further teaches a method, wherein the second port of each 
virtual firewall is connected to the same virtual network that is set up within the real 
computer and that is connectable to an external network (0025). 

Regarding claim 45, Wesinger further teaches a method, wherein at least one virtual 
storage subsystem is provided and configured to allow multiple real data storage devices 
to emulate one or more virtual storage devices (0026). 

Regarding claim 46, Wesinger further teaches a method, wherein the at least one virtual 
storage subsystem is configured to emulate at least one respective virtual storage device 
for each customer (0026). 
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Regarding claim 47, Wesinger further teaches a method, wherein a detection device is 
used for detecting evidence of malicious software or hostile attack signatures on the at 
least one virtual storage subsystem (0025). 

Regarding claim 48, Wesinger further teaches a method, wherein the services provided 
include at least one of the services selected from: file, data and archiving services; 
applications hosting services; database hosting services; data warehouse services; 
knowledge management hosting services; digital media production services; "intellectual 
property" and streaming media services; simple web hosting services; complex e- 
Commerce web hosting services; high performance computation services; electronic 
messaging and conferencing services; and, learning neuro-computer services (0035). 

Regarding claim 49, Wesinger further teaches a method, comprising the step of using 
virtual private network software to provide an encrypted communication channel for 
communication between at least some of said virtual machines (0053). 

Regarding claim 50, Wesinger further teaches a method, comprising the step of using 
virtual private network software to provide an encrypted communication channel for 
communication between at least one virtual machine and an external computer (0021- 
0024). 

Regarding claim 51, Wesinger further teaches a method, comprising the step of using 
virtual private network software to provide an encrypted communication channel for 
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communication between a first virtual network and a second virtual network (0053). 

Regarding claim 52, Wesinger further teaches a method, comprising the step of using 
virtual private network software to provide an encrypted communication channel for 
communication between a virtual network and an external computer (0021-0026). 

Regarding claim 53, Wesinger teaches the method, comprising the step of moving said at 
least one virtual machine from a first real computer to a second real computer (The 
Examiner takes an official notice because to backup data during system failure the step of 
moving is necessary because it would recover data (see, Seagate software press releases 
1997 pages 1-2)). 

Regarding claim 62, Wesinger further teaches the apparatus/method wherein at least one 
of said virtual machines provides at least a virtual central processor unit (0021-0023). 

Regarding claim 63, Wesinger further teaches the apparatus/method, wherein at least one 
of said virtual machines is created using a virtual machine abstraction program (0012). 

Regarding claim 64, Wesinger further teaches the apparatus/method, wherein at least one 
of said virtual machines is created using machine simulation/emulation software (0023- 
0028). 



Conclusion 
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1 1 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A. Shiferaw whose telephone number is 571-272- 
3867. The examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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